Skip to content
  • Categories
Collapse
Brand Logo

Talks
  1. Home
  2. English
  3. Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Scheduled Pinned Locked Moved English
1 Posts 1 Posters 2 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S Offline
    S Offline
    SrGuard
    wrote on last edited by
    #1

    Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

    New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw.

    Hikvision – short for Hangzhou Hikvision Digital Technology – is a Chinese state-owned manufacturer of video surveillance equipment. Their customers span over 100 countries (including the United States, despite the FCC labeling Hikvision “an unacceptable risk to U.S. national security” in 2019).

    Last Fall, a command injection flaw in Hikvision cameras was revealed to the world as CVE-2021-36260. The exploit was given a “critical” 9.8 out of 10 rating by NIST.

    Despite the severity of the vulnerability, and nearly a year into this story, over 80,000 affected devices remain unpatched. In the time since, the researchers have discovered “multiple instances of hackers looking to collaborate on exploiting Hikvision cameras using the command injection vulnerability,” specifically in Russian dark web forums, where leaked credentials have been put up for sale.

    The extent of the damage done already is unclear. The authors of the report could only speculate that “Chinese threat groups such as MISSION2025/APT41, APT10 and its affiliates, as well as unknown Russian threat actor groups could potentially exploit vulnerabilities in these devices to fulfill their motives (which may include specific geo-political considerations).”

    The Risk in IoT Devices

    With stories like this, it’s easy to ascribe laziness to individuals and organizations that leave their software unpatched. But the story isn’t always so simple.

    According to David Maynor, senior director of threat intelligence at Cybrary, Hikvision cameras have been vulnerable for many reasons, and for a while. “Their product contains easy to exploit systemic vulnerabilities or worse, uses default credentials. There is no good way to perform forensics or verify that an attacker has been excised. Furthermore, we have not observed any change in Hikvision’s posture to signal an increase in security within their development cycle.”

    Full article:
    https://threatpost.com/cybercriminals-are-selling-access-to-chinese-surveillance-cameras/180478/

    1 Reply Last reply
    0

    • Login
    • Don't have an account? Register
    Powered by NodeBB Contributors
    • First post
      Last post
    0
    • Categories